Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,321 vulnerabilities with CWE-352

CVE-2025-58430 MEDIUM

listmonk <= 1.1.0 - Cross-Site Scripting via Nonce Bypass

CVE-2025-54256 HIGH

Dreamweaver < 21.6 - Cross-Site Request Forgery

CVE-2025-58997 CRITICAL

Frenify Mow <= 4.10 - Cross-Site Request Forgery

CVE-2025-58991 HIGH

Cristiano Zanca WooCommerce Booking Bundle Hours <0.7.4 - CSRF

CVE-2025-58975 MEDIUM

Helmut Wandl Advanced Settings <3.1.1 - CSRF

CVE-2025-8711 MEDIUM

Ivanti Connect Secure < 22.7 - Cross-Site Request Forgery

CVE-2025-55147 HIGH

Ivanti Connect Secure <22.7R2.9,22.8R2 - CSRF

CVE-2025-42923 MEDIUM

SAP Fiori App Manage Work Center Groups - CSRF

CVE-2025-48104 HIGH

Floating Window Music Player <3.4.2 - CSRF/XSS

CVE-2025-27003 MEDIUM

fullworks Quick Paypal Payments <5.7.46 - CSRF

CVE-2025-58878 MEDIUM

Woocommerce Gifts Product <1.0.0 - CSRF

CVE-2025-58869 MEDIUM

SimaCookie <= 1.3.2 - Cross-Site Request Forgery

CVE-2025-58865 MEDIUM

reimund Compact Admin <1.3.0 - CSRF

CVE-2025-58861 HIGH

WP Corner Quick Event Calendar <1.4.9 - CSRF

CVE-2025-58860 HIGH

KaizenCoders Enable Latex <1.2.16 - CSRF/XSS

CVE-2025-58859 HIGH

Add to Feedly <= 1.2.11 - Cross-Site Request Forgery

CVE-2025-58856 MEDIUM

Woocommerce Notify Updated Product <1.6 - CSRF

CVE-2025-58854 HIGH

Samer Bechara Ultimate AJAX Login <1.2.1 - CSRF

CVE-2025-58853 HIGH

OTWthemes Popping Sidebars and Widgets Light <1.27 - CSRF/XSS

CVE-2025-58852 HIGH

MSTW League Manager <= 2.10 - Cross-Site Request Forgery

CVE-2025-58849 HIGH

Hide Real Download Path <1.6 - CSRF

CVE-2025-58848 HIGH

WP likes <= 3.1.1 - Cross-Site Request Forgery

CVE-2025-58847 HIGH

WN Flipbox Pro <= 2.1 - Cross-Site Request Forgery

CVE-2025-58846 HIGH

WordPress Buffer - HYPESocial < 2020.1.0 - Cross-Site Request Forgery

CVE-2025-58845 HIGH

ChrisHurst Bulk Watermark -n/a-1.6.10 - CSRF

Previous Page 39 of 373 Next

Details

Vulnerabilities 9,321

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy